This invention relates to systems and methods for managing mobile voice communications and information, including personal information. More particularly, the invention relates to systems and methods for transmitting, receiving, encrypting, storing, and the like, of encrypted mobile voice communications and of personal information. Specific embodiments and methods of the invention relate to wireless communication, cellular telephony, Internet-based systems and methods, software, computers, or a combination thereof for sending, receiving, and storing short messaging service (SMS) messages and multimedia messaging service (MMS) messages and mobile voice communications in an encrypted and secure manner.
Mobile voice communications are vulnerable to security breaches of the voice communications, unauthorized access to the voice communications, and other problems. Incorporation of mobile devices (often using disparate mobile phone networks and operating systems) into the information technology (IT) infrastructure of a business or enterprise has proven to be problematic with regard to both integration and security. For example, mobile devices can carry important information (and data) and communication on the mobile device can create a security leak of the information (and data) on the mobile device. Voice communication on a mobile device can be eavesdropped by a third party to the mobile device and the mobile phone network (e.g., hackers of the mobile phone network, employees, consultants, or vendors of the operators of the mobile phone network, or anyone else or anything else having access to the communication between the mobile device and the mobile phone network, such as tower operators, infrastructure providers, and backhaulers). As a result, there is a need for end-to-end mobile voice communications that are also encrypted. Additionally, the enforcement of regulated and/or proprietary informational policy on the mobile voice communications that are relayed on mobile phone networks has proven difficult. This is so because these types of communications between members of an organization and/or one or more members of an organization and their clients are external to an IT controlled environment (where an IT controlled environment is more secure). Standard mobile voice communications are not adequately (or end-to-end) encrypted, and are thus vulnerable to interception and other unauthorized access. Also, standard mobile voice communications have weak encryption, the encryption is compromised, or the encryption does not prevent service providers (such as mobile phone network operators and/or their vendors) from eavesdropping on the mobile voice communication. Vulnerabilities associated with the security of communicating proprietary and regulated information between members of organizations and/or enterprises using their mobile devices can lead to loss of revenue and/or fines associated with regulatory non-compliance.
In addition, mobile voice over IP communications that are encrypted are vulnerable when using SSL (Secure Sockets Layer) or TLS (Transport Layer Security) due to different problems. These problems include one or more man-in-the-middle (MITM) attacks, exploitation of root certificate authority, the need for reliance upon a pre-shared key for encryption, and/or forged certificate concerns related to getting a hold of the root certificate. A MITM attack in cryptography and computer security uses eavesdropping. A MITM attacker contacts users and communicates messages between the users, making the users believe that they are directly communicating with each other over a private connection. However, their communication or conversation is controlled by the MITM attacker. The need for reliance upon a pre-shared key (pre-defined and pre-shared) for encryption introduces challenges or failures for renewing of the pre-shared key. Furthermore, the encryption employed by various iterations of SSL is not secure enough (e.g., the bit encryption may be low for adequate encryption).
Moreover, as the number of subscribers of mobile devices and mobile services has grown, usage (e.g., transmission and reception) of mobile voice communications has greatly increased and throughput demand and bandwidth demand on the mobile phone network have increased at a higher rate than capacity. As the result, optimal throughput or bandwidth on the mobile phone network may not always be available for mobile voice communications.
This invention provides, among other things, a number of methods and embodiments to address the issues of security vulnerabilities, integrating the mobile devices that are not a part of the IT infrastructure into the IT infrastructure of a business or enterprise, throughput optimization on the mobile phone network, and the management of mobile devices, IT integration, and policy administration.
Potential for improvement exists in these and other areas that may be apparent to a person of skill in the art having studied this document.